User deletion and right to be forgotten requests

We've expanded the scope of our user deletion endpoint. Now we permanently delete all content associated with a user upon receiving a deletion request. This means that Knock user deletion is now fully GDPR-compliant and can be used to programmatically process right to be forgotten requests. Previously we had supported these requests in an ad-hoc way through our customer support, but with this change you can now programmatically call the user delete or bulk delete APIs and have all content for a user permanently removed.

You can learn more in our user deletion documentation ->

Bypass recipient preference evaluation

We've introduced a per-workflow control to bypass recipient preferences. This is useful in situations where you need to force a critical notification through to a recipient (such as a password reset email) regardless of that recipient's channel preferences.

You can find the new preference control under "Manage workflow" in the workflow three-dot menu. You can learn more in the preferences documentation.

Fixes and improvements

  • 👀 We changed the admin role to be able to create and manage environments
  • 👀 We changed our combobox behavior for selecting recipients and actors to load a page of data to aid with selection
  • 👀 We added support for per-customer overrides for idempotency windows
  • 🐛 We fixed an issue where the workflow category selector was case sensitive
  • 🐛 We fixed an issue where the knock.messages.delivered metric was not being sent to Datadog